darkkirb/harness-drone
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

removed User checks from handler because middlware has our back

Browse source
This commit is contained in:
Brad Rydzewski 2014-10-09 20:26:32 -07:00
parent 598c553c3f
commit 839b578228
2 changed files with 8 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server/handler/hook.go
View file

@ -90,9 +90,11 @@ func PostHook(c web.C, w http.ResponseWriter, r *http.Request) {
PullRequest: hook.PullRequest, PullRequest: hook.PullRequest,
Timestamp: hook.Timestamp, Timestamp: hook.Timestamp,
Message: hook.Message, Message: hook.Message,
Config: string(yml)} Config: string(yml),
}
commit.SetAuthor(hook.Author) commit.SetAuthor(hook.Author)
// inser the commit into the database
// inserts the commit into the database
if err := datastore.PostCommit(ctx, &commit); err != nil { if err := datastore.PostCommit(ctx, &commit); err != nil {
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
return return

38
server/handler/users.go
View file

@ -17,15 +17,7 @@ import (
// //
func GetUserList(c web.C, w http.ResponseWriter, r *http.Request) { func GetUserList(c web.C, w http.ResponseWriter, r *http.Request) {
var ctx = context.FromC(c) var ctx = context.FromC(c)
var user = ToUser(c)
switch {
case user == nil:
w.WriteHeader(http.StatusUnauthorized)
return
case user.Admin == false:
w.WriteHeader(http.StatusForbidden)
return
}
users, err := datastore.GetUserList(ctx) users, err := datastore.GetUserList(ctx)
if err != nil { if err != nil {
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusInternalServerError)
@ -47,14 +39,7 @@ func GetUser(c web.C, w http.ResponseWriter, r *http.Request) {
host = c.URLParams["host"] host = c.URLParams["host"]
login = c.URLParams["login"] login = c.URLParams["login"]
) )
switch {
case user == nil:
w.WriteHeader(http.StatusUnauthorized)
return
case user.Admin == false:
w.WriteHeader(http.StatusForbidden)
return
}
user, err := datastore.GetUserLogin(ctx, host, login) user, err := datastore.GetUserLogin(ctx, host, login)
if err != nil { if err != nil {
w.WriteHeader(http.StatusNotFound) w.WriteHeader(http.StatusNotFound)
@ -72,18 +57,10 @@ func GetUser(c web.C, w http.ResponseWriter, r *http.Request) {
func PostUser(c web.C, w http.ResponseWriter, r *http.Request) { func PostUser(c web.C, w http.ResponseWriter, r *http.Request) {
var ctx = context.FromC(c) var ctx = context.FromC(c)
var ( var (
user = ToUser(c)
host = c.URLParams["host"] host = c.URLParams["host"]
login = c.URLParams["login"] login = c.URLParams["login"]
) )
switch {
case user == nil:
w.WriteHeader(http.StatusUnauthorized)
return
case user.Admin == false:
w.WriteHeader(http.StatusForbidden)
return
}
account := model.NewUser(host, login, "") account := model.NewUser(host, login, "")
if err := datastore.PostUser(ctx, account); err != nil { if err := datastore.PostUser(ctx, account); err != nil {
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
@ -105,14 +82,7 @@ func DelUser(c web.C, w http.ResponseWriter, r *http.Request) {
host = c.URLParams["host"] host = c.URLParams["host"]
login = c.URLParams["login"] login = c.URLParams["login"]
) )
switch {
case user == nil:
w.WriteHeader(http.StatusUnauthorized)
return
case user.Admin == false:
w.WriteHeader(http.StatusForbidden)
return
}
account, err := datastore.GetUserLogin(ctx, host, login) account, err := datastore.GetUserLogin(ctx, host, login)
if err != nil { if err != nil {
w.WriteHeader(http.StatusNotFound) w.WriteHeader(http.StatusNotFound)